GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,697
Erlang: 34
GitHub Actions: 28
Go: 2,289
Maven: 5,000+
npm: 3,936
NuGet: 708
pip: 3,706
Pub: 12
RubyGems: 919
Rust: 959
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
120,379 advisories
Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to...
Moderate
Unreviewed
CVE-2024-54779 was published May 14, 2025
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is...
Moderate
Unreviewed
CVE-2025-4101 was published May 17, 2025
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2025-4610 was published May 17, 2025
The Jupiter X Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File...
Moderate
Unreviewed
CVE-2025-3888 was published May 17, 2025
The EventON Pro plugin for WordPress is vulnerable to unauthorized modification of data due to a...
Moderate
Unreviewed
CVE-2025-3527 was published May 17, 2025
The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate
Unreviewed
CVE-2025-4669 was published May 17, 2025
The PowerPress Podcasting plugin by Blubrry WordPress plugin before 11.9.18 does not sanitise and...
Moderate
Unreviewed
CVE-2024-9227 was published May 15, 2025
The Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses WordPress...
Moderate
Unreviewed
CVE-2024-9882 was published May 15, 2025
The Team WordPress plugin before 4.4.2 does not sanitise and escape some of its settings, which...
Moderate
Unreviewed
CVE-2024-9236 was published May 15, 2025
The Logo Slider WordPress plugin before 3.7.1 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-9233 was published May 15, 2025
The RegistrationMagic WordPress plugin before 6.0.2.1 does not sanitise and escape some of its...
Moderate
Unreviewed
CVE-2024-9390 was published May 15, 2025
The Payment Gateway for Telcell WordPress plugin through 2.0.1 does not validate the api_url...
Moderate
Unreviewed
CVE-2023-6786 was published May 15, 2025
The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape...
Moderate
Unreviewed
CVE-2024-6665 was published May 15, 2025
In the process of testing the Simple Job Board WordPress plugin before 2.12.2, a vulnerability...
Moderate
Unreviewed
CVE-2024-7761 was published May 15, 2025
The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a...
Moderate
Unreviewed
CVE-2024-6667 was published May 15, 2025
The PWA for WP WordPress plugin before 1.7.72 does not sanitise and escape some of its settings,...
Moderate
Unreviewed
CVE-2024-7759 was published May 15, 2025
The Simple Nav Archives WordPress plugin through 2.1.3 does not have CSRF check in place when...
Moderate
Unreviewed
CVE-2024-8398 was published May 15, 2025
The Maspik WordPress plugin before 2.1.3 does not sanitise and escape some of its settings,...
Moderate
Unreviewed
CVE-2024-9182 was published May 15, 2025
The AlT Monitoring plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2025-4194 was published May 17, 2025
The Audio Comments Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2025-4189 was published May 17, 2025
A vulnerability was found in Sourcecodester Doctor's Appointment System 1.0. It has been declared...
Moderate
Unreviewed
CVE-2025-4817 was published May 17, 2025
A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been...
Moderate
Unreviewed
CVE-2025-4816 was published May 17, 2025
A vulnerability was found in SourceCodester Doctor's Appointment System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2025-4818 was published May 17, 2025
The AVIF Uploader WordPress plugin before 1.1.1 does not sanitise uploaded SVG files, which could...
Moderate
Unreviewed
CVE-2024-9238 was published May 15, 2025
The Nested Pages WordPress plugin before 3.2.9 does not sanitise and escape some of its settings,...
Moderate
Unreviewed
CVE-2024-8759 was published May 15, 2025
ProTip! Advisories are also available from the GraphQL API